Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Get a devDuck
Rubber duck debugging has never been so cute! Get your favorite coding language devDuckBuy Now
Search - "anonymity"
I imagine two dev colleagues sitting next to each other, on their phone, each feeling very secure in the anonymity of devrant.12
age 11: worry about internet people finding me in real life
now: worry about people in real life finding me on the internet11
The bossman asked if our signup service sends an automated email after we successfully process someone's payment or when we promote them to full customer.
That sounds like a simple query, yeah?
Here's some background:
We have four applications; one in React, three in Rails. I'll replace their names to retain some anonymity.
1) "IceSkate" is the React app, and it's a glorified signup form. (I wrote this one.)
2) "Bogan" is the main application, and is API-only; its frontend has been long since deprecated by the following two:
3) "Bum" is a fork of "Bogan" that has long since diverged. It now contains admin-only tools.
4) "Kulkuri" is also a fork of "Bogan" that has long since diverged. It now contains tools specifically for customers, which they can access.
All but IceSkate (obv) share a database.
Here's how signups happen:
Signups come in from IceSkate, which hits a backend API on Bogan. Bogan writes the data to the database, charges the card immediately, and leaves the signup for moderation.
And here's how promotion from signup to customer happens:
Bum has a view allowing admins to validate, modify, and "promote" a signup to a full customer. Upon successful promotion, Bum calls "ServerWrap", a module which calls actions on the other applications; in this case: Bogan.
Bogan routes execution through three separate models before calling "ServerWrap" again, this time calling KulKuri.
Finally, KulKuri actually creates the customer!
After KulKuri finishes creating the customer, execution resumes on Bogan, which then returns, causing execution to resume on Bum. Bum then runs through several other models, references the newly-created customer object (as all three share a database), and ... updates the customer with its current data, and then updates the signup object. After all of this, it finally shows the admin the "new customer" view.
It took me 25 minutes to follow the chain of calls, and I still don't know quite what's going on. I have no idea if any of it sends an email or not -- I didn't see any signs of this, but I very easily could have overlooked something.
So, to answer bossman's question... I asked the accounting people if they send the email manually. If they don't, it's automatic, which means I missed something and get to burrow through that mess all over again!
I really hope I missed something; otherwise I need to figure out how and where (and when!) to send the email...
This is in one of the big 5 (not specifying which for some anonymity)
I apply for an internship.
I get an interview.
I pass the interview and get the internship.
I do great in the internship. Get an exceeds expectations.
I apply for conversion.
I ace the two interviews.
I am told that the hiring committee gave me a yes.
I enter host matching (ie to find a team to join).
And that's it. I never get matched (I only met 1 team that had UI focus and I had previously asked to not be put on a UI team so the TL rejected me). 1 year later I'm told sorry the offer is no longer valid.
The annoying bit is that I decided not to apply to grad school and refused all other offers under the assumption that it was a guaranteed spot.1
Definitly !rant; btw long post ahead
Soooo not so long ago i joined this community by chance just cuz i installed some app randomly found on google store and what can i say. Best decision ever!
I can say i never met such an interesting and diverse communitiy ever and i kin of ground fond of it (i usually dont get too attached to peoples).
After a while i felt the urge to get myself involved into some disscusion at some random post and i did it. But it felt empty as my image was just a plain green bubble of anonymity. But yeh, i am cool with it, i will customize it after some ++es. No problem!
I got incremented for a while and i got to make a simple generic avatar. I felt again a urge, but this time to customize even more. Sadly, anything cool needs approval by the people. Soo i kind of let it go as i am not really the kind to find myself talking in other businesses and i moved over.
Until i saw it! Not the tiger, not the bird but the dog! Annnd i wanted it so i made a joke that i am a wizard with an invisible dog. What can go wrong, right? Well the thing is.. it did not go wrong, as expected, but it went great, kinda unexpected.
How? Well, some random stranger felt me and gave me a hunble chance to get closer to my dreamy real dog. And so it begin, my crusade to get that damn dog!
But what i have realised fast is .. this is not facebook! Nor Instagram! People doesnot upvote attention whoreing or such lowly acts, but they are actually prone to support people who just.. get involved.
And so i did. I got involved. I actually got involved in a community! For a awkwardly introvert person that's something, but maybe more than few of you people can relate to this.
And today i finally reached that goal! I have a real doggo! Well, real as in not invisible, not as in a great responsability, but now i have both. But this was not such a big deal. The big deal is that i found people whos interests are alike to mine and are prone to help, support and befriend others. I must say, thanks to all! Wonderful time, and while i am not here for a long time, i will surely be!
Cheers and dev on!17
devrant is the only community that I feel comfortable in.
I've been browsing since 2000 and been in many communities online so far, so that's saying a lot.
I've seen supportive comments towards me and others here, and that really makes me feel less hopeless.
I think the internet in general makes you feel like you're a number. Click the like and the sub button, just be one more in a million.
But here, you matter.
If you try to post something and you are sincere, but humble people will ++ and say nice comments.
If you get upvoted, you can WHO did it and what their online persona looks like.
It feels very organic and personal, which is saying a lot for a place like the internet.
In the standard online experience, people online take advantage of the anonymity to say shit they wouldn't online:
anything, from troll shit to presumptuous comments.
I don't understand how some people can connect being anonymous with denying themselves as moral beings.
Do these people walk around in real life fighting with every person that has an opposite point of view?
There's actual people out there that will read this post and think "what a fucking boy scout".
Sorry for having emotions.
how many fucked up people are there, so that devrant feels like a goddamn mirage?10
Ten Immutable Laws Of Security
Law #1: If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it's not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn't practically achievable, online or offline.
Law #10: Technology is not a panacea.4
Just realized that this app and community is the perfect example of a rule-less functional online community, it has everything that people would mostly believe drama occurs but no drama
Anonymity, relaxed rules, huge base, long reaching form of social media, yet it's possibly the most Las online community I've ever seen *knock on wood*6
I spent over a decade of my life working with Ada. I've spent almost the same amount of time working with C# and VisualBasic. And I've spent almost six years now with F#. I consider all of these great languages for various reasons, each with their respective problems. As these are mostly mature languages some of the problems were only knowable in hindsight. But Ada was always sort of my baby. I don't really mind extra typing, as at least what I do, reading happens much more than writing, and tab completion has most things only being 3-4 key presses irl. But I'm no zealot, and have been fully aware of deficiencies in the language, just like any language would have. I've had similar feelings of all languages I've worked with, and the .NET/C#/VB/F# guys are excellent with taking suggestions and feedback.
This is not the case with Ada, and this will be my story, since I've no longer decided anonymity is necessary.
First few years learning the language I did what anyone does: you write shit that already exists just to learn. Kept refining it over time, sometimes needing to do entire rewrites. Eventually a few of these wound up being good. Not novel, just good stuff that already existed. Outperforming the leading Ada company in benchmarks kind of good. At the time I was really gung-ho about the language. Would have loved to make Ada development a career. Eventually build up enough of this, as well as a working, but very bad performing compiler, and decide to try to apply for a job at this company. I wasn't worried about the quality of the compiler, as anyone who's seriously worked with Ada knows, the language is remarkably complex with some bizarre rules in dark corners, so a compiler which passes the standards test indicates a very intimate knowledge of the language few can attest to.
I get told they didn't think I would be a good fit for the job, and that they didn't think I should be doing development.
A few months of rapid cycling between hatred and self loathing passes, and then a suicide attempt. I've got past problems which contributed more so than the actual job denial.
So I get better and start working even harder on my shit. Get the performance of my stuff up even better. Don't bother even trying to fix up the compiler, and start researching about text parsing. Do tons of small programs to test things, and wind up learning a lot. I'm starting to notice a lot of languages really surpassing Ada in _quality of life_, with things package managers and repositories for those, as well as social media presence and exhaustive tutorials from the community.
At the time I didn't really get programming language specific package managers (I do now), but I still brought this up to the community. Don't do that. They don't like new ideas. Odd for a language which at the time was so innovative. But social media presence did eventually happen with a Twitter account that is most definitely run by a specific Ada company masquerading as a general Ada advocate. It did occasionally draw interest to neat things from the community, so that's cool.
Since I've been using both VisualStudio and an IDE this Ada company provides, I saw a very jarring quality difference over the years. I'm not gonna say VS is perfect, it's not. But this piece of shit made VS look like a polished streamlined bug free race car designed by expert UX people. It. Was. Bad. Very little features, with little added over the years. Fast forwarding several years, I can find about ten bugs in five minutes each update, and I can't find bugs in the video games I play, so I'm no bug finder. It's just that bad. This from a company providing software for "highly reliable systems"...
So I decide to take a crack at writing an editor extension for VS Code, which I had never even used. It actually went well, and as of this writing it has over 24k downloads, and I've received some great comments from some people over on Twitter about how detailed the highlighting is. Plenty of bespoke advertising the entire time in development, of course.
Never a single word from the community about me.
Around this time I had also started a YouTube channel to provide educational content about the language, since there's very little, except large textbooks which aren't right for everyone. Now keep in mind I had written a compiler which at least was passing the language standards test, so I definitely know the language very well. This is a standard the programmers at these companies will admit very few people understand. YouTube channel met with hate from the community, and overwhelming thanks from newcomers. Never a shout out from the "community" Twitter account. The hate went as far as things like how nothing I say should be listened to because I'm a degenerate Irishman, to things like how the world would have been a better place if I was successful in killing myself (I don't talk much about my mental illness, but it shows up).
I'm strictly a .NET developer now. All code ported.6
I'm coming off a lengthy staff augmentation assignment awful enough that I feel like I need to be rehabilitated to convince myself that I even want to be a software developer.
They needed someone who does .NET. It turns out what they meant was someone to copy and paste massive amounts of code that their EA calls a "framework." Just copy and paste this entire repo, make a whole ton of tweaks that for whatever reason never make their way back into the "template," and then make a few edits for some specific functionality. And then repeat. And repeat. Over a dozen times.
The code is unbelievable. Everything is stacked into giant classes that inherit from each other. There's no dependency inversion. The classes have default constructors with a comment "for unit testing" and then the "real" code uses a different one.
It's full of projects, classes, and methods with weird names that don't do anything. The class and method names sound like they mean something but don't. So after a dozen times I tried to refactor, and the EA threw a hissy fit. Deleting dead code, reducing three levels of inheritance to a simple class, and renaming stuff to indicate what it does are all violations of "standards." I had to go back to the template and start over.
This guy actually recorded a video of himself giving developers instructions on how to copy and paste his awful code.
Then he randomly invents new "standards." A class that reads messages from a queue and processes them shouldn't process them anymore. It should read them and put them in another queue, and then we add more complication by reading from that queue. The reason? We might want to use the original queue for something else one day. I'm pretty sure rewriting working code to meet requirements no one has is as close as you can get to the opposite of Agile.
I fixed some major bugs during my refactor, and missed one the second time after I started over. So stuff actually broke in production because I took points off the board and "fixed" what worked to add back in dead code, variables that aren't used, etc.
In the process, I asked the EA how he wanted me to do this stuff, because I know that he makes up "standards" on the fly and whatever I do may or may not be what he was imagining. We had a tight deadline and I didn't really have time to guess, read his mind, get it wrong, and start over. So we scheduled an hour for him to show me what he wanted.
He said it would take fifteen minutes. He used the first fifteen insisting that he would not explain what he wanted, and besides he didn't remember how all of the code he wrote worked anyway so I would just have to spend more time studying his masterpiece and stepping through it in the debugger.
Being accountable to my team, I insisted that we needed to spend the scheduled hour on him actually explaining what he wanted. He started yelling and hung up. I had to explain to management that I could figure out how to make his "framework" work, but it would take longer and there was no guarantee that when it was done it would magically converge on whatever he was imagining. We totally blew that deadline.
When the .NET work was done, I got sucked into another part of the same project where they were writing massive 500 line SQL stored procedures that no one could understand. They would write a dozen before sending any to QA, then find out that there was a scenario or two not accounted for, and rewrite them all. And repeat. And repeat. Eventually it consisted of, one again, copying and pasting existing procedures into new ones.
At one point one dev asked me to help him test his procedure. I said sure, tell me the scenarios for which I needed to test. He didn't know. My question was the equivalent of asking, "Tell me what you think your code does," and he couldn't answer it. If the guy who wrote it doesn't know what it does right after he wrote it and you certainly can't tell by reading it, and there's dozens of these procedures, all the same but slightly different, how is anyone ever going to read them in a month or a year? What happens when someone needs to change them? What happens when someone finds another defect, and there are going to be a ton of them?
It's a nightmare. Why interview me with all sorts of questions about my dev skills if the plan is to have me copy and paste stuff and carefully avoid applying anything that I know?
The people are all nice except for their evil XEB (Xenophobe Expert Beginner) EA who has no business writing a line of code, ever, and certainly shouldn't be reviewing it.
I've tried to keep my sanity by answering stackoverflow questions once in a while and sometimes turning evil things I was forced to do into constructive blog posts to which I cannot link to preserve my anonymity. I feel like I've taken a six-month detour from software development to shovel crap. Never again. Lesson learned. Next time they're not interviewing me. I'm interviewing them. I'm a professional.9
Think My manager is following me on this, need more anonymity @dfox need to change my username and put a balaclava on my avatar2
I work in a contract position and reviewed the code of a senior engineer recently. Regretfully I can't provide context to preserve anonymity.
- handled a single DOM element with 2 different frontend libraries
- used the logical operator && to 'chain' two methods (it didn't work) instead of returning a boolean value,
- broke everything down into minute detail (a comment box had 7 components!),
- API calls were made for every component update instead of maintaining local component state where it made sense, which meant UI updates were slow,
- animated EVERYTHING, which made my Firefox on Xubuntu i7 64bit with 16GB RAM beg for mercy.
I had a rough couple of months with interviews, with 2nd stage technical interviewers throwing impossible tasks at me.
3. Hack a website from the browser's address bar using parameters ( what?!! ),
Obviously, the next time I meet a 'senior', I'm going to tell him talk is cheap;
'SHOW ME YOUR CODE.'3
When you face the dilemma of wanting to share devRant with your friends but face giving up your anonymity....also, what if you forget you ranted about them and they find out? Hmmm.....4
My company sends out this Culture Assessment survey so employees "voices can be heard".
I keep reading the email:
"Please *do not* forward this email to other individuals. The survey link is unique to your Business Group, project, and certain demographics, and therefore should be completed with only your responses."
many from the outside world believe incognito is the purest form of anonymity and security.....because its logo has a suspicious man with a hat and an overcoat2
Emails from devRant contain spy pixels 🙂
Okay now, I know it is SendGrid's doing and I only assume good will from devRant devs. But they also need to understand that anonymity and user privacy are crucial qualities of the devRant platform and they're essentially what makes it work.
I thought that developers' attention should be drawn to this.10
Just found this today in the Terms for a VPN provider...
ARE YOU FUCKING JOKING?!? GO BOIL WHAT SMALL MAN JUNK YOU HAVE AND EAT IT.2
When you catch a fellow classmate checking out some devRant posts... Don't worry. Your Anonymity is safe with me2
Not a rant just a question, can I change my profile name? I like my name and all but I didn't think about anonymity when I created it.9
I'm getting so sick of people bitching about their privacy and apps (looking at you gdpr).
They want full anonymity and share 0 data... well fine but then pay me 2.99 a month to use my service... oh you don't want to spend money well ok then, ill use some of your metrics and share them with advertisers so you can keep using the service at no cost... oh you don't want us to collect the data you are already spewing around on every online platform? well then we cant have you using our service because you are costing us money... what? the gdpr is forcing us to keep providing you with the service... but... who is going to pay for resource costs?!
ps: the gdpr is so full of loopholes, half the arguments you "nerds(be honest you read it on facebook that we have to delete you data...haha..)" use for how great it is are...well... moot
pps: with you nerds I don't mean the readers of this18
VR/AR - inferior interaction with the computer, just like touchscreen are inferior to physical buttons
Microservices - having a stew of different coding standards will in the end introduce performance issues due to layers needed to reduce code entropy
Agile - programming was and always will be creation on existing technologies. Every library writer who follows Agile is making a hellhole for anyone above the layer of abstraction
Web freedom and Anonymity - At this point it should be obvious already, this fad took 30 years too long5
4am writing an assignment about the ethics of anonymity tools (TOR, VPNs, brown bags to put on your head)
I love the subject – I picked it – but these written assignments for peripheral classes are the most soul sucking part of studying software engineering2
If I wanted to become a hacker here is what I would do to cover my steps: 1.) Buying a used Laptop with cash, and picking it up in person.
2.) Using random coffee shops to work by dice roll. Obviously at least a d20 and at least 20 coffee shops.
3.) Installing Linux, probably Manjaro. (Not Kali because I've heard that is watched)
What are your thoughts?31
Disclaimer: This is all theoretical. Neither me nor my friend (with whom I discussed this) are stupid enough to even try to pursue this, but as an idea, i believe it might generate cool/new ideas/ways for handling secure communications across social groups.
Let's do some role play. Let's design a delivery app for drug dealers, think Seamless or Uber Eats, but for drugs. Not for big deliveries, like kilograms of coke, but smaller stuff. Maybe a few grams of it or something. The clients could rate dealers, and vide-versa. This would build a level of trust within the system. There would be no names, just anonymous reviews, ratings, and prices. Only the info you'd need to know.
The biggest (only?) problem we found (besides legality) was that, how would you prove that you're a client and not a snitch (or cop). This would have to somehow be handled both on signup, as well as when ordering (let's imagine that all who are clients are pure and won't ever snitch).
One of the ways we found to combat this was to have the app invite-only. This would, in theory, do away with the problem of having snitches signing up. However, what if the phone got stolen/breached by a snitch, and they also got full access to the account. One way we thought we could combat this would be with a "dispose number" or something similar. Basically, you call a number, or send a text, or message a Signal bot etc, which would lead to the account's instant termination, no traces of that user left. Hence, a dispose number.
The flow of the app would be as follows:
A client wants some amount of heroin. He opens the app, searches for a dealer, sends the him the desired amount, and in return gets back a price from the dealer. If both parties agree on the amount and price, the deal would start.
The app would then select a random time (taken from the client's selected timeframe and the dealer's "open" time) and a location (within a certain radius of both them, somewhere in between them both for convenience). If both of them accept the time and place, they'll have to meet up at said time and place.
The actual delivery could also be done using two dead drops - the client drops the money at one of them, the dealer drops the goods at the other one. Yes, this might be subject to abuse, but it wouldn't be that bad. I doubt that clients would make huge orders to unknown/badly rated dealers, as well as dealers accepting offers from badly rated clients. My idea is that they would start small, just so if they do lose their money/goods, the actual loss wouldn't be as big for them, but for the other party, having bad ratings would mean less clients willing to buy or dealers willing to sell.
A third way would be to use crypto, but the reason I left this as the last one is because it's not that wide-spread yet, at least not in local drug dealing. With this method, the client would initiate the order, the crypto would be sent to either the dealer or an escrow account, the dealer would then drop the goods at a random place and let the client know where to go to get them. After the client has gotten the goods, they could both review/rate the quality as well as the overall experience with that dealer, which would either make or break the dealer's upcoming deals. This would be pretty much like other DNM's, but on a local scale, making deliveries faster.
So far, this would seem like something that would work. Are there any ideas that might improve this? Anything that might make things more secure/anonymous?
My reason for this post is to spark a conversation about security and anonymity, not to endorse drugs or other illegal stuff.
PS. Really loving the new PC design of devRant14
Do any of you still use IRC ?
I am trying get back in to from a 5 year break. I want to know if bots, bouncers are still relevant and updated. Also since privacy is important how to maintain a sufficient degree of anonymity?
P.s. not looking for alternatives like slack or discord4
Are there any real trusted and with an anonymity level of Elite, proxies out there or do I have to make my own?3